Closed hodak closed 4 years ago
Hello looking around for my issue between my Shibboleth IDP and a service Provider which couldn't consume attributes sent in the SAML SSO assertion, I guess your resolution solve the problem ? can you be more explicit on what was the issue ?
My recent test seem to worked fine in regards to the we browser result and my shiboleth IDP logs :
INFO [Shibboleth-Consent-Audit.SSO:241] - 20200710T094327Z|recruitee|AttributeReleaseConsent|procacci|eduPersonAffiliation,eduPersonPrincipalName,mail,uid||true,true,true,true
Thanks .
@jehanproc In the case of this issue and this resolution: https://github.com/handnot2/samly_shibboleth/pull/1/files for us the problem was in an incorrect SP Entity ID. We tried using SP that didn't have whitelisted attributes to share with this SP, so the SSO flow came back with empty attributes. With this change going through this tutorial should now work: https://handnot2.github.io/blog/auth/saml-auth-for-phoenix
Hi, I'm having a problem with Shibboleth configuration and am a bit lost where to look for the solution. I have just set up samly_howto with both samly_simplesaml and samly_shibboleth. While there's no problem with SimpleSAML, I receive an empty attributes map in assertion from Shibboleth. I went through the steps described in this post: https://handnot2.github.io/blog/auth/saml-auth-for-phoenix
idp
is Shibboleth's configuration,idp2
is SimpleSAML's configuration.Visiting https://samly.howto:4443/?idp=idp2, "Sign In"
Everything works well. After clearing cookies and visiting https://samly.howto:4443?idp=idp
I receive empty attributes map. I left
IO.inspect
here: https://github.com/handnot2/samly_howto/blob/master/lib/samly_howto_web/plugs/samly_pipeline.ex#L9 and that's the result:When starting the server I do receive the
[warn] [Samly] SLO Endpoint missing in ["idp_metadata.xml"]
error:Can this be the reason? I have not changed any configuration in samly_shibboleth.
I would greatly appreciate any help that would help me understand how to configure Shibboleth to work with Samly. It's a great library that we use to host IdPs from Azure, G Suite, Auth0, and Okta. That's the first IdP where we hit the wall.
Update Here's a log from Shibboleth's start to the point where I'm back in
samly_howto
.Update2